The NSA claimed in a recent document that Edward Snowden pulled a fast one on at least one fellow NSA employee in order to gain access to the classified documents he went on to leak - or gush, as the case may be.

Three NSA workers have been implicated in helping Edward Snowden spring leaks: a civilian NSA employee, an active duty military member, and a contractor.

According to an internal NSA memo dated 10 February 2014 that was obtained by NBC News, the civilian, who recently quit, let Snowden use his public key infrastructure (PKI) certificate to access classified information on NSANet - the official NSA intranet.

The civilian gave him access even though he knew full well that such access had already been denied to Snowden, who was then an NSA contractor, the memo says.

According to TheWeek, NSANet, which has its own bridges, routers, systems and gateways, allows analysts deployed almost anywhere to access virtually everything contained on the NSA's extremely vast data stores.

The memo is unclassified but labeled "for official use only."

It was written by Ethan L. Bauman, the director of the NSA's Legislative Affairs Office, and intended for the staff director and minority staff director of the House Committee on the Judiciary.

Bauman wrote that after Snowden asked, the civilian went on to type his PKI password in at Snowden's computer terminal.

The civilian didn't realize that Snowden was capable of capturing the password, Bauman says, and thereby getting even more access to classified documents.

The civilian also wasn't aware that Snowden planned to divulge top secret information from the US's spying agency, Bauman says.

Ignorance of Snowden's intentions was no excuse for the civilian's failure to follow security protocol, of course. Hence, the NSA revoked the civilian's security clearance on 20 November 2013 and told him his termination was in the offing.

The civilian employee didn't appeal the decision. He resigned on 10 January 2014.

Bauman didn't offer any details on how Snowden was helped by the active military member or the contractor.

The NSA isn't going to hold them accountable, at any rate: that's up to their employer, Bauman said.

The two were banned from accessing NSA information or spaces in August 2013.

The question of how Snowden was able to access all the classified information he did while employed at a remote Hawaii location is, naturally, of great interest to the US intelligence community.

Reuters reported in November that Snowden "may have persuaded between 20 and 25 fellow workers" to give him their passwords, and Snowden himself said in a public Google chat on 23 January 2014 that he neither stole passwords nor tricked co-workers.

From the chat:

With all due respect to Mark Hosenball, the Reuters report that put this out there was simply wrong. I never stole any passwords, nor did I trick an army of co-workers.

NBC News reports that Jesselyn Radack, a legal adviser to Snowden in the US, said that Snowden stands by the 23 January denial and that the NSA "has a documented history of scapegoating innocent employees for its own failures … manufacturing evidence against them and misleading Congress."

7 Responses to NSA: Edward Snowden had help

I read that report last week when it was released... did you notice that the NSA's attorney's phone number was not blacked out... that aside, I like to view this as two separate issues. True enough the NSA has\had gone too far, but they were allowed to do what they were doing, look at your members of Congress and ask them why... look at the Patriot Act and ask if we still need it in it's present form, that's one large issue.

The second issue that everyone wants to just "let go" is that Edward Snowden broke the law, he accessed and stole and released classified information that he had no permission to even view or authority to release, and yes it is that simple, at least to me it is. Now, how do you deal with one and not the other?

You are right in the first part looking at whether the US patriot act needs looking at. If it was ever repealed, altered or found to be unconstitutional, then Snowden's actions would not be unlawful in exposing something that should not have been in place in the form it is now. If he really has done wrong then he should expect some consequences and no one disagrees really on that point.

The second part covers how do you deal with one without the other. Again that's a fair point, but unfortunately you can't. For most people without Snowden's whistle-blowing they'd probably know little or nothing about how far the NSA has gone. His whistle-blowing at least raised the issue of how far is too far. Until the first part is dealt with as to whether the NSA has gone above their remit I can't pass judgement on Snowden's actions. If they have Snowden was right to point it out, if they haven't he was wrong. It's a dilemma, both parts are interwoven. Until either are proved one way or the other neither can really be accused of any wrong doing. The whistle-blowing if nothing else highlighted something many knew nothing about and pointed out it needs reviewing in some way. I'd still commend Snowden whether he's right or wrong because he's at least made me aware of something that me and everyone else can look at and come to a balanced opinion on that I was unaware of pretty much until he blew the whistle.

NOTHING surprises me on any claims the NSA may make the truth of the matter is they should not be spying on any individual without just cause, by that I mean any individual with a criminal record or terrorist activities can be spied on once a court order is obtained. If the individual is in a foreign country then the information must be passed over to that countries authorities, The NSA should realise they are not the police of the world and have no jurisdiction outside of the USA.

It is time the USA put controls on the NSA to prevent them from continuing persistence of collecting data for the sake of collecting data.
Enough is Enough.

At this point I do not believe anything the NSA has to say. They have shown time and time again that they are willing to lie, and essentially believe that any American Citizen is a potential terrorist.

It makes me wonder a little with the NSA. An organization everyone now knows is snooping on everyone else and until it was exposed, underhandedly and secretively too. If that's what they do and employ people to do it, then that's the kind of people they'll attract. Employees that love snooping round in other people's information. The NSA have been snooping around in people's information, then kick off when someone else does it back on them. If the NSA wasn't sticking their nose in everyone's personal business there'd have been nothing for Snowden to leak, so who ultimately is the worse offender?

Edward Snowden is the witness of the crime, and not the criminal. Why aren't the real criminals are still not being prosecuted under international laws. NSA spying not only effect US, but the whole world!

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.